diff --git a/docs/endpoint.go b/docs/endpoint.go
index 88dbeafd9..cb96cb4fc 100644
--- a/docs/endpoint.go
+++ b/docs/endpoint.go
@@ -4,6 +4,7 @@ import (
 	"encoding/json"
 	"fmt"
 	"io/ioutil"
+	"net"
 	"net/http"
 	"net/url"
 	"strings"
@@ -154,7 +155,16 @@ func IsSecure(hostname string, insecureRegistries []string) bool {
 	if hostname == IndexServerAddress() {
 		return true
 	}
-
+	if len(insecureRegistries) == 0 {
+		host, _, err := net.SplitHostPort(hostname)
+		if err != nil {
+			host = hostname
+		}
+		if host == "127.0.0.1" || host == "localhost" {
+			return false
+		}
+		return true
+	}
 	for _, h := range insecureRegistries {
 		if hostname == h {
 			return false
diff --git a/docs/registry_test.go b/docs/registry_test.go
index f7b5168b4..7191acea3 100644
--- a/docs/registry_test.go
+++ b/docs/registry_test.go
@@ -339,3 +339,24 @@ func TestIsSecure(t *testing.T) {
 		}
 	}
 }
+
+func TestIsSecure(t *testing.T) {
+	tests := []struct {
+		addr               string
+		insecureRegistries []string
+		expected           bool
+	}{
+		{"localhost", []string{}, false},
+		{"localhost:5000", []string{}, false},
+		{"127.0.0.1", []string{}, false},
+		{"localhost", []string{"example.com"}, true},
+		{"127.0.0.1", []string{"example.com"}, true},
+		{"example.com", []string{}, true},
+		{"example.com", []string{"example.com"}, false},
+	}
+	for _, tt := range tests {
+		if sec := IsSecure(tt.addr, tt.insecureRegistries); sec != tt.expected {
+			t.Errorf("IsSecure failed for %q %v, expected %v got %v", tt.addr, tt.insecureRegistries, tt.expected, sec)
+		}
+	}
+}